Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Navigating ICS Security: The Threat Landscape

Whilst working for a management consultancy, I learned a lot more about industrial control systems (ICS) than I ever imagined I would. In many cases, this wasn’t from working on them directly; it was from simply speaking to the technicians and reading documentation. Oftentimes, we have the false belief that our systems are safe from compromise because no one really knows how they work. It’s like security through obscurity.

HIPAA and Social Media: What You Need to Know

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was signed into law before the rollout of major social media sites such as Facebook, Twitter, and Instagram. And as such, there are no specific HIPAA rules for social media. However, some HIPAA laws and standards apply to the use of social media by health care organizations and their workers. Because of that, each health care organization must implement a HIPAA social media policy to decrease the risk of HIPAA violations.

What is Spyware?

Spyware is unwanted software, a type of malicious software or malware, designed to expose sensitive information, steal internet usage data, gain access to or damage your computing device. Any software downloaded to a user's device without authorization can be classified as spyware. Even spyware programs installed for innocuous reasons often violate end user privacy agreements and have the potential for abuse.

Companies That Request PII From Vendors Must Protect It

In my line of work, it is often a requirement to provide our customers with background information on the employees who will be performing on-site professional services. This is not in itself an issue, but how the customer receives and handles that information can be. Tripwire best practice is for HR to provide an attestation of all requested background checks to our clients rather than providing detailed background reports or having the client run a background check on our employees.

What Does Integrity Monitoring Have To Do With Security Anyway?

After spending several decades in this industry, I have seen growth in many different security products and in many different areas. All the while, I’ve questioned whether specific technologies were offering real value or were just over-marketed to create more revenue opportunities for investors. As we have seen repeatedly, categories of security products blossom in many different ways. So many vendors, so much technology. Where do we go from here?

EVERTEC Case Study: An Example of How to Spice up Customer Service Levels This Holiday Season

This holiday season kicked off a couple weeks ago, with Black Friday and Cyber Monday showing a 14% increase in early holiday purchases from the same period during 2018, according to a report by Bank of America Merrill Lynch Global Research. With holiday sales projections showing similar numbers until the end of the year, there has never been a more vital time to ensure that consumer transactions are completing as expected.

What is SQL Injection Attack? What are its Types?

SQL injection is a popular method amongst hackers that can cause major problems within an organization. Through SQL injection, an attacker can easily bypass various security measures like authentication. In this article, we will take a closer look at how you can prevent it. What is SQL injection attack? Even though they have been around for a while, SQL injections still pose a serious danger to web applications.